JavaScript Security
1. Fundamentals of JavaScript Security
2. Core Client-Side Vulnerabilities
3. Defensive Coding and Mitigation Strategies
4. Browser Security Policies and Features
5. Server-Side Defenses for Client-Side Security
6. Third-Party Code and Supply Chain Security
7. Security in Modern JavaScript Frameworks
8. Advanced Topics
9. Security Testing and Analysis
Security in Modern JavaScript Frameworks
General Principles
Built-in Security Features
Automatic Output Encoding
Template Injection Protections
CSRF Protection
Framework-Specific Vulnerabilities
Misconfiguration Risks
Unsafe Plugin Usage
Version-Specific Issues
React Security
JSX and Auto-Encoding
Preventing XSS by Default
Expression Evaluation
Dangers of dangerouslySetInnerHTML
When and How to Use Safely
Sanitization Requirements
Server-Side Rendering (SSR) Security
Data Hydration Risks
Secure Data Serialization
State Injection Attacks
React-Specific Vulnerabilities
Ref Callback Attacks
Props Injection
Angular Security
Built-in Protections
Sanitization Mechanisms
Template Compiler Security
Trusted Types Integration
The bypassSecurityTrust Methods
Risks and Use Cases
Safe Usage Guidelines
HTML Sanitization
Angular-Specific Vulnerabilities
Template Injection
Expression Language Attacks
Dependency Injection Security
Provider Security
Service Isolation
Vue.js Security
HTML Content vs. Text Content
v-html Directive Risks
Safe Use of Interpolation
Potential XSS Vectors
Template Injection
Third-Party Plugin Risks
Component Props Validation
Vue-Specific Security Features
Template Compilation
Scoped Slots Security
Node.js Security
Server-Side JavaScript Risks
Package Security
Environment Variable Handling
File System Access Control